|
|
Collection of Sensor Data into Cloud
Záhorský, Matej ; Musil, Petr (referee) ; Nosko, Svetozár (advisor)
Primárnym účelom tejto práce je zber dát z vybraných senzorov do vzdialeného Cloudu prostredníctvom platformy STM32MP1. V prvej časti práce je popísaná teória ohľadom možností zberu dát, ich kryptografického zabezpečenia a funkcie daného mikrokontroléra. V druhej časti je navrhnuté a implementované vhodné softvérové riešenie pre efektívne a bezpečné zbieranie dát z vybraných senzorov. Na koniec sú vyhodnotené vlastnosti riešenia, čo zahrňuje i rýchlosť kryptografického podpisovania v reálnej aplikácií.
|
|
|
Hardware-Accelerated Device for Protection Against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis deals with the development of a firmware for hardware-accelerated device used as a protection against amplification (D)DoS attacks. In the today's world, (D)DoS attacks are very common and cause significant financial damages. Therefore the goal is to create affordable and easy to deploy centralized device that would resolve this issue. To reach this goal, a hardware accelerator is being used for the high-volume data transfer processing through a single commonly used server. Design and implementation of the firmware had been done considering the fact that this device will be used in the networks with 100\,Gbps speed. The whole system had undergone functional verification and its real throughput was verified within the laboratory testing as well. Created device has been already deployed into the CESNET network infrastructure during the time of the writing of this thesis and it has been tested by the network administrators. Based on the received feedback, the development will continue focusing on expanding of the detection of more types of attacks.
|
|
|
P4 Language-Based Description of Accelerated Device against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis describes the development of a networking device used to defend against (D)DoS attacks using P4 language. The main purpose was to design flexible device using P4 lan-guage based on already existing device, this would allow us to quickly react and respond to new more complex DDoS attacks. The design of the device dealt with the transfer of individual parts of the firmware into the P4 language. Subsequently, the entire device firmware was designed for hardware accelerators with FPGA technology. The firmware had been designed with respect to the limitations of current P4 language compilers. The device has been tested under laboratory conditions for functionality and performance. The device will be deployed in the network infrastructure of CESNET.
|
|
|
Automatic Configuration of Utility Tools for FPGA Firmware
Perešíni, Martin ; Matoušek, Jiří (referee) ; Kučera, Jan (advisor)
This bachelor's thesis is about designing an automatic configuration of utility tools for FPGA firmware. The assignment is solved within CESNET research activity, which is devoted on the development of hardware-accelerated network interface cards based on FPGA technology. The aim of the thesis is to replace current inflexible system for describing the firmware structure used by NIC, HANIC and SDM projects. The system was based on a firmware description by XML file, which was created manually for each configuration. Based on negative aspects of system is created new design, which is using Device Tree. Device Tree is opening possibility to change NetCOPE build system for automatic generating firmware description. Description of hardware is distributed together with firmware. In the thesis, the design of the system was implemented and then verified by testing functionality on the ethctl tool. At the end of the work are mentioned possible system features and extensions for future.
|
|
|
Asymmetric-Key Cryptography in Embedded Systems
Záhorský, Matej ; Kula, Michal (referee) ; Nosko, Svetozár (advisor)
Účelom tejto práce je prieskum a implementácia existujúceho asymetrického kryptografického algoritmu v FPGA a vyhodnotenie jeho výkonu. Prvá kapitola sa zameriava na vstavané systémy a FPGA, pričom popisuje ich štruktúru a použitie. V druhej kapitole je porovnanie kryptografických algoritmov a ich vlastností, ktoré umožňujú ich použitie vo vstavaných systémoch. Fázy návrhu a implementácie v tomto projekte popisujú a implementujú riešenie, ktoré zahŕňa výber a integráciu podpisovacieho algorithmu v FPGA. Dodatočné optimalizácie na zvýšenie výkonu sú taktiež naimplementované vo forme hardvérovej akcelerácie, ktoré sú zároveň porovnané s pôvodným algoritmom v kapitole vyhodnotenia.
|
|
|
Collection of Sensor Data into Cloud
Záhorský, Matej ; Musil, Petr (referee) ; Nosko, Svetozár (advisor)
Primárnym účelom tejto práce je zber dát z vybraných senzorov do vzdialeného Cloudu prostredníctvom platformy STM32MP1. V prvej časti práce je popísaná teória ohľadom možností zberu dát, ich kryptografického zabezpečenia a funkcie daného mikrokontroléra. V druhej časti je navrhnuté a implementované vhodné softvérové riešenie pre efektívne a bezpečné zbieranie dát z vybraných senzorov. Na koniec sú vyhodnotené vlastnosti riešenia, čo zahrňuje i rýchlosť kryptografického podpisovania v reálnej aplikácií.
|
|
|
P4 Language-Based Description of Accelerated Device against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis describes the development of a networking device used to defend against (D)DoS attacks using P4 language. The main purpose was to design flexible device using P4 lan-guage based on already existing device, this would allow us to quickly react and respond to new more complex DDoS attacks. The design of the device dealt with the transfer of individual parts of the firmware into the P4 language. Subsequently, the entire device firmware was designed for hardware accelerators with FPGA technology. The firmware had been designed with respect to the limitations of current P4 language compilers. The device has been tested under laboratory conditions for functionality and performance. The device will be deployed in the network infrastructure of CESNET.
|
|
|
Automatic Configuration of Utility Tools for FPGA Firmware
Perešíni, Martin ; Matoušek, Jiří (referee) ; Kučera, Jan (advisor)
This bachelor's thesis is about designing an automatic configuration of utility tools for FPGA firmware. The assignment is solved within CESNET research activity, which is devoted on the development of hardware-accelerated network interface cards based on FPGA technology. The aim of the thesis is to replace current inflexible system for describing the firmware structure used by NIC, HANIC and SDM projects. The system was based on a firmware description by XML file, which was created manually for each configuration. Based on negative aspects of system is created new design, which is using Device Tree. Device Tree is opening possibility to change NetCOPE build system for automatic generating firmware description. Description of hardware is distributed together with firmware. In the thesis, the design of the system was implemented and then verified by testing functionality on the ethctl tool. At the end of the work are mentioned possible system features and extensions for future.
|
|
|
Hardware-Accelerated Device for Protection Against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis deals with the development of a firmware for hardware-accelerated device used as a protection against amplification (D)DoS attacks. In the today's world, (D)DoS attacks are very common and cause significant financial damages. Therefore the goal is to create affordable and easy to deploy centralized device that would resolve this issue. To reach this goal, a hardware accelerator is being used for the high-volume data transfer processing through a single commonly used server. Design and implementation of the firmware had been done considering the fact that this device will be used in the networks with 100\,Gbps speed. The whole system had undergone functional verification and its real throughput was verified within the laboratory testing as well. Created device has been already deployed into the CESNET network infrastructure during the time of the writing of this thesis and it has been tested by the network administrators. Based on the received feedback, the development will continue focusing on expanding of the detection of more types of attacks.
|
guest ::
